Anthropic ban not the AI curb that’s needed, security experts say

Dario Amodei
Anthropic — led by CEO and co-founder Dario Amodei — closed a $13 billion venture-funding deal in September, the largest in the quarter and one of the largest ever.Jeff Chiu/Associated Press

When it comes to artificial intelligence, President Donald Trump’s second administration has taken a decidedly antiregulatory stance — until this month. 

One of Trump’s first moves in his second term was to ditch the modest AI safety guidelines issued by his predecessor, Joe Biden. After Congress over the summer overwhelmingly rejected a proposal to ban new state laws and roll back existing ones governing the technology, the president issued an executive order seeking to do just that

But in recent weeks — in the wake of San Francisco-based Anthropic warning that its newest model, Mythos, represents a dangerous cybersecurity threat — Trump’s administration seems to have embraced the need to control the technology.

The administration’s moves — including what amounts to a ban on Anthropic’s Mythos and a preclearance regime for OpenAI — go well beyond anything the Biden administration put in place. 

“It’s certainly a landmark about-face in the attitude that the [Trump] administration has about AI,” said Anthony Aguirre, CEO of the Future of Life Institute, a nonprofit focusing on trying to prevent AI from causing large-scale harm.

The Mythos ban in particular, he said, is a “180-degree shift in how they’re treating AI.”

There have been growing calls in recent years to regulate AI. Members of the public, advocacy groups, legal experts, politicians and even people within the industry have pushed for laws or rules that would prevent AI models from doing harmful things such as encouraging teen suicidescreating nonconsensual sexual deepfakes, exploiting computer vulnerabilities, or creating bioweapons or other weapons of mass destruction

But regulatory and security experts are dubious about the rationale, legality and effectiveness of the administration’s recent moves to constrain the technology, particularly the ban on Mythos.

“My problem is not so much that they’ve changed their minds,” said Alan Rozenshtein, a law professor at the University of Minnesota law school, “it’s just that I have no confidence in the policymaking apparatus of this administration.”

While the administration might have been acting out of real concern about the model’s cybersecurity implications, it has given little public justification for its move, there doesn’t seem to be a coherent process undergirding it, and there’s reason to believe it might have been driven as much by animosity toward Anthropic as anything else, those experts told The Examiner.

Because of the importance of AI technology and its implications on society and the economy, it’s no surprise that the Trump administration has changed its mind about regulating it, said Alan Rozenshtein, a law professor at the University of Minnesota law school who focuses on technology policy.

“My problem is not so much that they’ve changed their minds,” Rozenshtein said. “It’s just that I have no confidence in the policymaking apparatus of this administration.”

Anthropic rolled out a preview of Mythos in early April. Warning that the model was particularly good at finding and taking advantage of previously unknown computer-software vulnerabilities, the company initially limited access to a handful of companies and organizations to use for defensive purposes.

The release of the model reportedly set off alarm bells in the Trump administration, which quickly reversed its previous deregulatory stance.   

First, the president issued an executive order on June 2 calling for a process by which AI developers could voluntarily submit their models for evaluation by the federal government

Then, on June 9, administration officials held a secret meeting with AI companies — pointedly not including Anthropic — about developing a process for reviewing cutting-edge AI models before they’ve been released, according to The Information.

That same day, Anthropic publicly released a version of Mythos called Fable 5 to which it had added safeguards. It made available to select organizations a more capable version called Mythos 5.

Three days later, the administration put an export control on both models that effectively blocks the company from allowing anyone to use either one.

Sam Altman, CEO of Anthropic’s cross-town rival OpenAI, told employees Wednesday the company would initially provide limited access to its newest model, GPT 5.6, in response to a request from the administration, The Information reported.

Commerce Secretary Howard Lutnick had warned Altman earlier in the week to get sign-off from other government agencies before releasing the model, according to the report.

The reason many regulatory and security experts are doubtful about the rationale for the Mythos ban is that it came mere months after Anthropic got into a dispute with the administration over the use of its models by the military. The company tried to forbid its technology from being used for domestic surveillance or fully autonomous weapons.

In reaction to that dispute, Trump ordered the federal government to cut ties with the company. Defense Secretary Pete Hegseth designated it a supply-chain risk, threatening its relationships with other government contractors.

Although a Pentagon official said in May the administration’s concern about Mythos is a “separate” issue, many experts doubt that’s true.

Soon after Anthropic released its Mythos preview and announced the model had found a collection of previously undiscovered vulnerabilities, security researchers elsewhere said they’d found that other models that were already available, including OpenAI’s GPT 5.5, had similar or even greater capabilities.

But the administration didn’t seek to block those models — although it did later seek to limit the release of more advanced OpenAI models.

Ex // Top Stories

‘The land remembers’: Goldsworthy exhibit timed with America’s 250th

San Francisco’s waterfront will host “Red Flags,” a monumental exhibition making its West Coast debut.

No stadium, no problem. SF still has FIFA World Cup excitement

Though matches are taking place 45 miles away from The City, neighborhoods have been rocking with large gatherings

Drivers can expect to pay more when crossing Golden Gate Bridge

A 50-cent hike is going into effect as part of a five-year toll program first approved in March 2024 to help address a financial shortfall

“Pretty sure this government is mad at Anthropic and this is, like, the hammer they found,” said Bruce Schneier, a renowned cybersecurity expert who is a lecturer at Harvard’s Kennedy School. “I don’t think we can read any policy into the administration.”

“Pretty sure this government is mad at Anthropic and this is, like, the hammer they found,” said Bruce Schneier, a cybersecurity expert and lecturer at the Harvard Kennedy School.

Experts also questioned the legality of the export controls the administration slapped on the Mythos models.

In his letter to Anthropic announcing the export controls, Lutnick cited a collection of laws and regulations seemingly giving him the authority to take that step. But some of the rules he cited appear irrelevant in this case, and he declined to name other regulations that might have given him clearer authority in the matter, said Bahrad Sokhansanj, a senior research scholar at the Institute for Law & AI, a nonpartisan think tank. 

Commerce Secretary Howard Lutnick, right and President Donald Trump — seen in the Oval Office on June 11 — have both played roles in the White House’s dustup with Anthropic.Jacquelyn Martin/AP Photo

One big objection to the use of an export control to block Mythos is that there’s good reason to think that such measures aren’t applicable in this case, the experts said. 

For nearly two decades, the Bureau of Industry and Security, which oversees such controls, has taken the position that digital services accessed in the cloud don’t involve exporting the underlying software or technology, so access to them can’t be blocked with export controls. 

Mythos and other closed-source artificial-intelligence models are essentially cloud-based services. Consumers interact with them via web interfaces or apps. Businesses tap into them using application programming interfaces. Data is sent to the models via those APIs, and the models return responses, but the underlying technology is never transferred. 

There’s a bill in Congress now that would extend export controls to cover APIs, suggesting that Congress doesn’t believe the BIS currently has that power, Rozenshtein said.

“It’s not clear even under what authority this export control is being issued,” he said.

Additionally, the regulations cited by Lutnick typically require investigations and detailed findings, which the administration seems to have skipped over entirely, Sokhansanj said. Also, before putting in place severe measures such as the one they took, officials are supposed to explore whether there are less-restrictive options that would involve less harm to American companies, he said.

“There’s no indication they went through any of this kind of analysis, and there’s no way they could have, because this stuff takes time,” Sokhansanj said.

But even if the move to slap export controls on the Mythos models was warranted and legal, at least some of the experts doubted their effectiveness. Other models that appear to be just as capable at finding and exploiting computer vulnerabilities as the Mythos ones are already available, the experts said.

Even if the Mythos models have some capabilities that go beyond other current models, AI development in this area is proceeding so rapidly that other models will likely obtain those capabilities within months, they said. 

“If the goal is a safety one … I don’t know if it will actually be helpful,” said Elizaeth Seger, a senior policy advisor at the Tony Blair Institute, a U.K.-based public-policy think tank, of the export controls. 

“It’s really only a matter of time before we start seeing equivalent capabilities that are made openly available on global markets for anyone to use and build off of,” she said.

AI technology does pose real dangers, the experts said. The U.S. government should be taking them seriously and taking steps to protect the public, they said. But many of the experts said that doing so would likely involve Congress writing laws and a democratic process of figuring out the appropriate regulations, rather than the reactive, seemingly one-off process the Trump administration is following.

AI technology does pose real dangers, the experts said. The U.S. government should be taking them seriously and taking steps to protect the public.

A big part of the problem with the way the administration has gone about AI regulation is that there’s no transparency, said Amos Toh, a senior counsel at the Brennan Center for Justice, a left-leaning policy think tank at New York University’s law school. Ideally, there would be a publicly determined and disclosed process for testing new models, evaluating the risks they pose and deciding how to mitigate those risks, he said.

“All of these questions need to be sorted out — and not behind closed doors,” Toh said.

But Congress hasn’t stepped forward to create that process. And the administration has been gutting the very agencies that would be necessary for overseeing that process, the experts said, most notably the Cybersecurity and Infrastructure Security Agency.   

The Trump administration now seems to have dropped its laissez-faire, pro-AI industry approach. Pressure from the public and increasing risks from AI models will likely push it and Congress to go farther down the road toward regulation, some of the experts said.

The public has become very skeptical of AI technology and overwhelmingly supports regulating it, Aguirre said. The questions that remain are what form regulation will take, whether the process will remain ad hoc and, in the end, how effective it will be.

“I think ultimately, public concern about this is not going to go away,” Aguirre said.

If you have a tip about tech, startups or the venture industry, contact Troy Wolverton at twolverton@sfexaminer.com or via text or Signal at (415) 515-5594.

Tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *